CVE-2026-46466
Received Received - Intake

Authentication Bypass in Dell PowerProtect Data Domain

Vulnerability report for CVE-2026-46466, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-07-03

Last updated on: 2026-07-03

Assigner: Dell

Description

Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an use of less trusted source vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to information tampering.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-07-03
Last Modified
2026-07-03
Generated
2026-07-03
AI Q&A
2026-07-03
EPSS Evaluated
N/A
NVD
EUVD

Affected Vendors & Products

Showing 4 associated CPEs
Vendor Product Version / Range
dell powerprotect_data_domain From 7.7.1.0 (inc) to 8.7 (inc)
dell powerprotect_data_domain From 8.6.1.0 (inc) to 8.6.1.10 (inc)
dell powerprotect_data_domain From 8.3.1.0 (inc) to 8.3.1.30 (inc)
dell powerprotect_data_domain From 7.13.1.0 (inc) to 7.13.1.70 (inc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-348 The product has two different sources of the same data or information, but it uses the source that has less support for verification, is less trusted, or is less resistant to attack.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability exists in Dell PowerProtect Data Domain versions 7.7.1.0 through 8.7, including certain LTS releases. It involves the use of a less trusted source, which can be exploited by a high privileged attacker with remote access.

Exploitation of this vulnerability could lead to information tampering.

Impact Analysis

If exploited, this vulnerability could allow a high privileged remote attacker to tamper with information on affected Dell PowerProtect Data Domain systems.

The impact is limited to information integrity, with no direct impact on confidentiality or availability according to the CVSS score.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-46466. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart